Wildfly SSL configuration
himanshu.mishra23 Jun 3, 2015 9:36 AMHi,
I am trying to configure SSL on wildlfy. I am able to do so with self-signed certificate.
The problem is, when I import a trusted certificate in my keystore and use it with the alias 'mycert' I used to import the certificate. The error comes:
Failed to start service jboss.server.controller.management.security_realm.SslRealm.keystore: org.jboss.msc.service.StartException in service jboss.server.controller.management.security_realm.SslRealm.keystore: JBAS021000: The alias specified 'mycert' is not a Key, valid aliases are {mycert.co.in}
at org.jboss.as.domain.management.security.FileKeystore.load(FileKeystore.java:139)
at org.jboss.as.domain.management.security.FileKeystoreService.start(FileKeystoreService.java:78)
at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1948) [jboss-msc-1.2.0.Final.jar:1.2.0.Final]
at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1881) [jboss-msc-1.2.0.Final.jar:1.2.0.Final]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [rt.jar:1.8.0_31]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [rt.jar:1.8.0_31]
at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_31]
The alias "mycert.co.in" wildfly is suggesting is one, which I used while creating keystore. When I use the alias "mycert.co.in", the certificate is shown as invalid. The browser is not showing the certificate that I imported to the keystore.
My configuration is:
<security-realm name="SslRealm">
<server-identities>
<ssl>
<keystore path="ATT25238.qakeystore" relative-to="jboss.server.config.dir" keystore-password="chnageit" alias="mycert"/>
</ssl>
</server-identities>
</security-realm>
below is the listener configuration:
<https-listener name="https" socket-binding="https" security-realm="SslRealm"/>
Can anyone help me on this?
Thanks & Regards,
Himanshu Mishra